OpenSAML user discussion

[Brent Putman <>]

On 8/19/10 5:32 PM, Nick Newman wrote:
> Hi,
> 
> Hopefully an easy question...
> 
> I am trying to use OpenSAML to send an AuthnRequest, and it seems that
> the HttpPostEncoder class is intended to be used for that purpose.


Yes, if by "send" you mean usage of the HTTP-POST front-channel binding
of SAML 2. That's what that particular encoder implements.  If you are
unsure what that means, take a look at the SAML 2 Bindings spec document.




  But
> to construct an instance I need to supply a VelocityEngine and the
> template ID.
> 
> So how do I get a reference to the VelocityEngine, and how do I find the
> template ID to use?
> 


Yes, that's correct.  As far as the VelocityEngine goes, you just
construct a new instance, with options and properties as you like.  If
you haven't used that before, probably best to take a look at the
Velocity docs, it's not terribly complex.

The template ID is relative to the type of Velocity resource loader(s)
that you specify for the VelocityEngine.  We supply some templates for
the encoders in the java-opensaml2 jar, under /templates.  You can get
at those directly by using the Velocity ClasspathResourceLoader.  The
default template intended for use with the HTTP-POST encoder is
"/templates/saml2-post-binding.vm".  You could also copy that,
customize, and reference it from the filesystem or elsewhere, by using a
different resource loader impl.

If you know Spring, take a look at the context file we use for the Shib
IdP, it has an example of how to wire up those components:

http://svn.middleware.georgetown.edu/view/java-idp/branches/REL_2/src/installer/resources/conf-tmpl/internal.xml?revision=2929

Specifically the beans with id's:

shibboleth.VelocityEngine
shibboleth.SAML2HttpPostEncoder


Hope that helps,
Brent